[WEB SECURITY] security findings management

Rohit Pitke rohirp92 at yahoo.com
Tue Dec 20 09:28:37 EST 2011


A good bug management system with proper authentication and authorization management system shall suffice.
You can take a look @ Bugzilla. However, most of traditional systems are not equip to carry all data that you may ant to put as security-bug. So you might want to either change some of these open source systems to add some fields or write down your own. 
Also, multiple copies of pentest report also helps sometime.(Restricted access under your subversion system)


________________________________
 From: Lebeau Frederic <frederic.lebeau at websurf.be>
To: "websecurity at webappsec.org" <websecurity at webappsec.org> 
Sent: Friday, December 16, 2011 4:14 AM
Subject: [WEB SECURITY] security findings management
 

Hello, i'm looking for a tool to manage(keep trace, history, status) all security issues found during dynamic testing or code review activities.
Does someone can help me?

Thanks 
_______________________________________________
The Web Security Mailing List

WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss

Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates

websecurity at lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20111220/97cdcc3e/attachment-0003.html>


More information about the websecurity mailing list